CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2017(Gain Privilege)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2017-14484 Exec Code +Priv 2017-09-15 2017-09-15
0.0
None ??? ??? ??? ??? ??? ???
The Gentoo sci-mathematics/gimps package before 28.10-r1 for Great Internet Mersenne Prime Search (GIMPS) allows local users to gain privileges by creating a hard link under /var/lib/gimps, because an unsafe "chown -R" command is executed.
2 CVE-2017-14398 +Priv 2017-09-13 2017-09-13
0.0
None ??? ??? ??? ??? ??? ???
rzpnk.sys in Razer Synapse 2.20.15.1104 allows local users to read and write to arbitrary memory locations, and consequently gain privileges, via a methodology involving a handle to \Device\PhysicalMemory, IOCTL 0x22A064, and ZwMapViewOfSection.
3 CVE-2017-14315 Overflow +Priv Bypass 2017-09-12 2017-09-15
0.0
None ??? ??? ??? ??? ??? ???
In Apple iOS 7 through 9, due to a BlueBorne flaw in the implementation of LEAP (Low Energy Audio Protocol), a large audio command can be sent to a targeted device and lead to a heap overflow with attacker-controlled data. Since the audio commands sent via LEAP are not properly validated, an attacker can use this overflow to gain full control of the device through the relatively high privileges of the Bluetooth stack in iOS. The attack bypasses Bluetooth access control; however, the default "Bluetooth On" value must be present in Settings.
4 CVE-2017-14312 264 +Priv 2017-09-11 2017-09-19
7.2
None Local Low Not required Complete Complete Complete
Nagios Core through 4.3.4 initially executes /usr/sbin/nagios as root but supports configuration options in which this file is owned by a non-root account (and similarly can have nagios.cfg owned by a non-root account), which allows local users to gain privileges by leveraging access to this non-root account.
5 CVE-2017-14311 +Priv 2017-09-19 2017-09-19
0.0
None ??? ??? ??? ??? ??? ???
The Winring0x32.sys driver in NetMechanica NetDecision 5.8.2 allows local users to gain privileges via a crafted 0x9C402088 IOCTL call.
6 CVE-2017-13779 Exec Code +Priv 2017-09-14 2017-09-14
0.0
None ??? ??? ??? ??? ??? ???
GSTN_offline_tool in India Goods and Services Tax Network (GSTN) Offline Utility tool before 1.2 executes winstart-server.vbs from the "C:\GST Offline Tool" directory, which has insecure permissions. This allows local users to gain privileges by replacing winstart-server.vbs with arbitrary VBScript code. For example, a local user could create VBScript code for a TCP reverse shell, and use that later for Remote Command Execution.
7 CVE-2017-13707 264 Exec Code +Priv 2017-08-27 2017-09-08
10.0
None Remote Low Not required Complete Complete Complete
Privilege escalation in Replibit Backup Manager earlier than version 2017.08.04 allows attackers to gain root privileges via sudo command execution. The vi program can be accessed through sudo, in order to navigate the filesystem and modify a critical file such as /etc/passwd.
8 CVE-2017-13130 264 +Priv 2017-08-22 2017-08-30
7.2
None Local Low Not required Complete Complete Complete
mcmnm in BMC Patrol allows local users to gain privileges via a crafted libmcmclnx.so file in the current working directory, because it is setuid root and the RPATH variable begins with the .: substring.
9 CVE-2017-12787 119 Exec Code Overflow +Priv 2017-08-22 2017-08-29
10.0
None Remote Low Not required Complete Complete Complete
A network interface of the novi_process_manager_daemon service, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. This could be leveraged by remote, unauthenticated attackers to gain resultant privileged (root) code execution on the switch, because incoming packet data can contain embedded OS commands, and can also trigger a stack-based buffer overflow.
10 CVE-2017-12786 119 Exec Code Overflow +Priv 2017-08-22 2017-08-29
10.0
None Remote Low Not required Complete Complete Complete
Network interfaces of the cliengine and noviengine services, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, can be inadvertently exposed if an operator attempts to modify ACLs, because of a bug when ACL modifications are applied. This could be leveraged by remote, unauthenticated attackers to gain resultant privileged (root) code execution on the switch, because there is a stack-based buffer overflow during unserialization of packet data.
11 CVE-2017-12785 119 Exec Code Overflow +Priv 2017-08-22 2017-08-29
10.0
None Remote Low Not required Complete Complete Complete
The novish command-line interface, included in the NoviWare software distribution through NW400.2.6 and deployed on NoviSwitch devices, is prone to a buffer overflow in the "show log cli" command. This could be used by a read-only user (monitor role) to gain privileged (root) code execution on the switch via command injection.
12 CVE-2017-12763 264 +Priv 2017-08-29 2017-09-07
9.0
None Remote Low Single system Complete Complete Complete
An unspecified server utility in NoMachine before 5.3.10 on Mac OS X and Linux allows authenticated users to gain privileges by gaining access to local files.
13 CVE-2017-12733 306 +Priv 2017-09-08 2017-09-18
7.5
None Remote Low Not required Partial Partial Partial
A Missing Authentication for Critical Function issue was discovered in OPW Fuel Management Systems SiteSentinel Integra 100, SiteSentinel Integra 500, and SiteSentinel iSite ATG consoles with the following software versions: older than V175, V175-V189, V191-V195, and V16Q3.1. An attacker may create an application user account to gain administrative privileges.
14 CVE-2017-12146 362 +Priv 2017-09-08 2017-09-18
6.9
None Local Medium Not required Complete Complete Complete
The driver_override implementation in drivers/base/platform.c in the Linux kernel before 4.12.1 allows local users to gain privileges by leveraging a race condition between a read operation and a store operation that involve different overrides.
15 CVE-2017-12137 264 +Priv 2017-08-24 2017-08-29
7.2
None Local Low Not required Complete Complete Complete
arch/x86/mm.c in Xen allows local PV guest OS users to gain host OS privileges via vectors related to map_grant_ref.
16 CVE-2017-12136 362 DoS +Priv 2017-08-24 2017-08-29
6.9
None Local Medium Not required Complete Complete Complete
Race condition in the grant table code in Xen 4.6.x through 4.9.x allows local guest OS administrators to cause a denial of service (free list corruption and host crash) or gain privileges on the host via vectors involving maptrack free list handling.
17 CVE-2017-12135 264 DoS +Priv +Info 2017-08-24 2017-08-29
4.6
None Local Low Not required Partial Partial Partial
Xen allows local OS guest users to cause a denial of service (crash) or possibly obtain sensitive information or gain privileges via vectors involving transitive grants.
18 CVE-2017-12134 264 DoS +Priv +Info 2017-08-24 2017-08-29
7.2
None Local Low Not required Complete Complete Complete
The xen_biovec_phys_mergeable function in drivers/xen/biomerge.c in Xen might allow local OS guest users to corrupt block device data streams and consequently obtain sensitive memory information, cause a denial of service, or gain host OS privileges by leveraging incorrect block IO merge-ability calculation.
19 CVE-2017-11742 426 +Priv 2017-07-30 2017-08-09
4.6
None Local Low Not required Partial Partial Partial
The writeRandomBytes_RtlGenRandom function in xmlparse.c in libexpat in Expat 2.2.1 and 2.2.2 on Windows allows local users to gain privileges via a Trojan horse ADVAPI32.DLL in the current working directory because of an untrusted search path, aka DLL hijacking.
20 CVE-2017-11657 426 +Priv 2017-08-04 2017-08-15
4.4
None Local Medium Not required Partial Partial Partial
Dashlane might allow local users to gain privileges by placing a Trojan horse WINHTTP.dll in the %APPDATA%\Dashlane directory.
21 CVE-2017-11653 275 +Priv 2017-08-18 2017-08-25
4.6
None Local Low Not required Partial Partial Partial
Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the Devices directory, which allows local users to gain privileges via a Trojan horse (1) RazerConfigNative.dll or (2) RazerConfigNativeLOC.dll file.
22 CVE-2017-11652 275 +Priv 2017-08-18 2017-08-25
4.6
None Local Low Not required Partial Partial Partial
Razer Synapse 2.20.15.1104 and earlier uses weak permissions for the CrashReporter directory, which allows local users to gain privileges via a Trojan horse dbghelp.dll file.
23 CVE-2017-11473 119 Overflow +Priv 2017-07-20 2017-07-29
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 4.12.2 allows local users to gain privileges via a crafted ACPI table.
24 CVE-2017-11153 502 +Priv 2017-08-08 2017-08-18
7.5
None Remote Low Not required Partial Partial Partial
Deserialization vulnerability in synophoto_csPhotoMisc.php in Synology Photo Station before 6.7.3-3432 and 6.3-2967 allows remote attackers to gain administrator privileges via a crafted serialized payload.
25 CVE-2017-10914 415 DoS +Priv +Info 2017-07-04 2017-08-21
6.8
None Remote Medium Not required Partial Partial Partial
The grant-table feature in Xen through 4.8.x has a race condition leading to a double free, which allows guest OS users to cause a denial of service (memory consumption), or possibly obtain sensitive information or gain privileges, aka XSA-218 bug 2.
26 CVE-2017-10913 264 +Priv +Info 2017-07-04 2017-08-21
7.5
None Remote Low Not required Partial Partial Partial
The grant-table feature in Xen through 4.8.x provides false mapping information in certain cases of concurrent unmap calls, which allows backend attackers to obtain sensitive information or gain privileges, aka XSA-218 bug 1.
27 CVE-2017-10859 +Priv 2017-09-15 2017-09-15
0.0
None ??? ??? ??? ??? ??? ???
Untrusted search path vulnerability in "i-filter 6.0 installer" timestamp of code signing is before 23 Aug 2017 (JST) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
28 CVE-2017-10858 +Priv 2017-09-15 2017-09-15
0.0
None ??? ??? ??? ??? ??? ???
Untrusted search path vulnerability in "i-filter 6.0 install program" file version 1.0.8.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
29 CVE-2017-10855 +Priv 2017-09-15 2017-09-15
0.0
None ??? ??? ??? ??? ??? ???
Untrusted search path vulnerability in FENCE-Explorer for Windows V8.4.1 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
30 CVE-2017-10851 426 +Priv 2017-09-01 2017-09-06
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Installer for ContentsBridge Utility for Windows 7.4.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
31 CVE-2017-10850 426 +Priv 2017-09-01 2017-09-14
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Installers of ART EX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:04 UTC.), PostScript? Driver + Additional Feature Plug-in + PPD File for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 12 Apr 2017 02:10 UTC.), XPS Print Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 3 Nov 2017 23:48 UTC.), ART EX Direct FAX Driver for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 26 May 2017 07:44 UTC.), Setting Restore Tool for ApeosPort-VI C7771/C6671/C5571/C4471/C3371/C2271, DocuCentre-VI C7771/C6671/C5571/C4471/C3371/C2271 (Timestamp of code signing is before 25 Aug 2015 08:51 UTC.) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
32 CVE-2017-10849 426 +Priv 2017-09-01 2017-09-05
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Self-extracting document generated by DocuWorks 8.0.7 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
33 CVE-2017-10848 426 +Priv 2017-09-01 2017-09-06
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Installers for DocuWorks 8.0.7 and earlier and DocuWorks Viewer Light published in Jul 2017 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
34 CVE-2017-10836 426 +Priv 2017-08-28 2017-09-01
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Optimal Guard 1.1.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
35 CVE-2017-10831 426 +Priv 2017-08-28 2017-08-30
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in The electronic authentication system based on the commercial registration system "The CRCA user's Software" Ver1.8 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
36 CVE-2017-10830 426 +Priv 2017-08-28 2017-08-30
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Security Setup Tool all versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
37 CVE-2017-10829 426 +Priv 2017-09-01 2017-09-05
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Remote Support Tool (Enkaku Support Tool) All versions distributed through the website till 2017 August 10 allow an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
38 CVE-2017-10828 426 +Priv 2017-08-28 2017-08-30
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Flets Install Tool all versions distributed through the website till 2017 August 8 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
39 CVE-2017-10827 426 +Priv 2017-08-28 2017-08-30
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Flets Azukeru for Windows Auto Backup Tool v1.0.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
40 CVE-2017-10826 426 +Priv 2017-08-28 2017-08-30
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Security Kinou Mihariban v1.0.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
41 CVE-2017-10824 426 +Priv 2017-08-18 2017-08-24
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in TDB CA TypeA use software Version 5.2 and earlier, distributed until 10 August 2017 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
42 CVE-2017-10823 426 +Priv 2017-08-18 2017-08-22
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Installer for Shin Kinkyuji Houkoku Data Nyuryoku Program (program released on 2011 March 10) Distributed on the website till 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
43 CVE-2017-10822 426 +Priv 2017-08-18 2017-08-22
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Installer for Shin Sekiyu Yunyu Chousa Houkoku Data Nyuryoku Program (program released on 2013 September 30) distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
44 CVE-2017-10821 426 +Priv 2017-08-18 2017-08-24
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Installer for Shin Kikan Toukei Houkoku Data Nyuryokuyou Program (program released on 2013 September 30) Distributed on the website until 2017 May 17 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
45 CVE-2017-10820 426 +Priv 2017-08-04 2017-08-23
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Installer of IP Messenger for Win 4.60 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
46 CVE-2017-10812 426 +Priv 2017-08-28 2017-08-30
9.3
None Remote Medium Not required Complete Complete Complete
Untrusted search path vulnerability in Photo Collection PC Software Ver.4.0.2 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
47 CVE-2017-10663 129 +Priv 2017-08-19 2017-08-23
7.2
None Local Low Not required Complete Complete Complete
The sanity_check_ckpt function in fs/f2fs/super.c in the Linux kernel before 4.12.4 does not validate the blkoff and segno arrays, which allows local users to gain privileges via unspecified vectors.
48 CVE-2017-10662 264 +Priv 2017-08-19 2017-08-23
7.2
None Local Low Not required Complete Complete Complete
The sanity_check_raw_super function in fs/f2fs/super.c in the Linux kernel before 4.11.1 does not validate the segment count, which allows local users to gain privileges via unspecified vectors.
49 CVE-2017-10661 416 DoS +Priv 2017-08-19 2017-08-29
7.6
None Remote High Not required Complete Complete Complete
Race condition in fs/timerfd.c in the Linux kernel before 4.10.15 allows local users to gain privileges or cause a denial of service (list corruption or use-after-free) via simultaneous file-descriptor operations that leverage improper might_cancel queueing.
50 CVE-2017-9653 285 +Priv 2017-08-14 2017-09-05
7.5
None Remote Low Not required Partial Partial Partial
An Improper Authorization issue was discovered in OSIsoft PI Integrator for Business Analytics before 2016 R2, PI Integrator for Microsoft Azure before 2016 R2 SP1, and PI Integrator for SAP HANA before 2017. An attacker is able to gain privileged access to the system while unauthorized.
Total number of vulnerabilities : 345   Page : 1 (This Page)2 3 4 5 6 7
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.